Cyber-criminals took advantage of Mozilla’s recent launch of Firefox 14 by masquerading as a SMS Trojan as the Firefox web browser for an Android OS. Security researchers at GFI Lab found multiple versions of the fake Firefox application hosted on several Russian websites, varying in both file names and sizes. The general purpose of the malware is to have the user download the fake program and accept a rules page which discloses that user will be billed for sending premium SMS messages. The program then sends a premium SMS message and follows by loading google.com, possibly in hopes that users will try to load the program multiple times, thereby generating additional revenue for the cyber-criminals.
The easiest way of avoiding downloading malware disguised as a valid application is for the user to download the program directly from the company that develops the application. In this case, the user would want visit www.mozilla.org and follow the links to download the Firefox 14 browser. The second thing that all users ought to do but few take the time to bother with is to read the user agreements before clicking agree. It is difficult for a user to dispute the premium SMS message charge after having agreed to pay it and hopefully any user reading the agreement would chose not to agree to pay such a charge. Maintaining up to date anti-virus software will also help to keep users from being affected by this Trojan. For example, GFI VIPRE Mobile Security will detect many of these malicious applications.
Cyber-criminals took advantage of Mozilla’s recent launch of Firefox 14 by masquerading as a SMS Trojan as the Firefox web browser for an Android OS. Security researchers at GFI Lab found multiple versions of the fake Firefox application hosted on several Russian websites, varying in both file names and sizes. The general purpose of the malware is to have the user download the fake program and accept a rules page which discloses that user will be billed for sending premium SMS messages. The program then sends a premium SMS message and follows by loading google.com, possibly in hopes that users will try to load the program multiple times, thereby generating additional revenue for the cyber-criminals.
The easiest way of avoiding downloading malware disguised as a valid application is for the user to download the program directly from the company that develops the application. In this case, the user would want visit www.mozilla.org and follow the links to download the Firefox 14 browser. The second thing that all users ought to do but few take the time to bother with is to read the user agreements before clicking agree. It is difficult for a user to dispute the premium SMS message charge after having agreed to pay it and hopefully any user reading the agreement would chose not to agree to pay such a charge. Maintaining up to date anti-virus software will also help to keep users from being affected by this Trojan. For example, GFI VIPRE Mobile Security will detect many of these malicious applications.
40/40